Privacy Policy

Effective Date: April 2026 | Last Updated: April 2, 2026

1. Introduction

Board of AI Decision ("we", "us", "our", or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws. Please read this policy carefully. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

Account Registration: Name, email address, password (hashed)
Usage Data: Questions submitted to the council, documents uploaded, decisions generated
Communication: Messages sent to support, feedback, and inquiries
Billing Information: Payment details (processed securely through third-party providers)

2.2 Information Collected Automatically

Usage Analytics: Page views, time spent, features used
Device Information: Browser type, IP address, device type, operating system
Cookies & Tracking: Session cookies, preference cookies (see Cookie Policy)
Log Data: Server logs containing IP addresses, timestamps, error messages

3. How We Use Your Information

We use collected information for the following purposes:

Providing and improving our services
Creating and maintaining your account
Processing payments and managing subscriptions
Sending you service-related notifications
Responding to your inquiries and providing customer support
Analyzing usage patterns to improve user experience
Preventing fraud and ensuring security
Complying with legal obligations

4. Legal Basis for Processing (GDPR)

If you are in the EU, we process your data based on:

Contractual necessity: To provide services you've requested
Consent: With your explicit consent (e.g., marketing emails)
Legitimate interests: To improve services and prevent fraud
Legal obligation: To comply with applicable laws

5. Data Sharing and Third Parties

We do not sell your data. We may share information with:

Service Providers: Payment processors, email services, hosting providers
Legal Requirements: When required by law or court order
Business Transfers: In case of merger, acquisition, or asset sale

All third-party processors are bound by confidentiality agreements and process data only as instructed.

6. Data Retention

Account Data: Retained for the duration of your account + 30 days after deletion
BOD System History: Retained for 1 year or until account deletion
Usage Logs: Retained for 90 days for security purposes
Cookies: Session cookies expire when you close your browser

7. Your Rights

7.1 GDPR Rights (EU Users)

Right to Access: You can request a copy of your data
Right to Rectification: You can correct inaccurate information
Right to Erasure: You can request deletion of your data ("Right to be Forgotten")
Right to Restrict Processing: You can limit how we use your data
Right to Data Portability: You can request your data in a portable format
Right to Object: You can object to certain processing activities

7.2 CCPA Rights (California Users)

Right to Know: What data is collected and how it's used
Right to Delete: Request deletion of your data
Right to Opt-Out: Opt out of data sales (if applicable)
Right to Non-Discrimination: No discrimination for exercising your rights

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@board-ai-decision.com with:

Your name and email address
Description of your request
Any supporting documentation

We will respond to your request within 30 days (or as required by applicable law).

8. Security

We implement industry-standard security measures to protect your data:

SSL/TLS encryption for data in transit
Bcrypt password hashing (never stored in plaintext)
Secure database with access controls
Regular security audits and updates
Firewall and intrusion detection systems

            ⚠️ Note: While we use industry-standard protections, no system is 100% secure. We recommend using strong passwords and enabling two-factor authentication when available.
        

9. Cookies and Tracking

We use cookies to enhance your experience. You can control cookies through your browser settings. For more details, see our Cookie Policy (linked below).

10. International Data Transfers

If you are located outside the United States and provide information to us, your data may be transferred to, and processed in, countries other than your country of residence. By using our services, you consent to such transfers.

11. Children's Privacy

Our services are not intended for users under the age of 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 13, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or by posting a notice on our website. Your continued use of the service constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact:

Board of AI Decision
Email: privacy@board-ai-decision.com
Data Protection Officer: dpo@board-ai-decision.com